From 2f2c9f6b26241cf51f05c63fb4320d6d8e64dd9b Mon Sep 17 00:00:00 2001
From: Brian De Wolf <github@bldewolf.com>
Date: Sat, 28 Apr 2018 03:43:01 -0700
Subject: [PATCH] Improve Palo Alto SSH Collector support (#397)

The PAN CLI tries to do friendly auto-completion things and makes the SSH
Collector fail sporadically.  This change uses the "set cli scripting-mode on"
command to calm down the PAN CLI and works around the extra echoed prompts that
get sent.

This change also adds collection of IPv6 neighbor information.
---
 .../SSHCollector/Platform/PaloAlto.pm         | 23 ++++++++++++++++---
 1 file changed, 20 insertions(+), 3 deletions(-)

diff --git a/lib/App/Netdisco/SSHCollector/Platform/PaloAlto.pm b/lib/App/Netdisco/SSHCollector/Platform/PaloAlto.pm
index 481a00b9..faeb6197 100644
--- a/lib/App/Netdisco/SSHCollector/Platform/PaloAlto.pm
+++ b/lib/App/Netdisco/SSHCollector/Platform/PaloAlto.pm
@@ -25,7 +25,7 @@ use Moo;
 
 =item B<arpnip($host, $ssh)>
 
-Retrieve ARP entries from device. C<$host> is the hostname or IP address
+Retrieve ARP and neighbor entries from device. C<$host> is the hostname or IP address
 of the device. C<$ssh> is a Net::OpenSSH connection to the device.
 
 Returns a list of hashrefs in the format C<{ mac => MACADDR, ip => IPADDR }>.
@@ -45,9 +45,16 @@ sub arpnip{
     my $prompt = qr/> \r?$/;
 
     ($pos, $error, $match, $before, $after) = $expect->expect(20, -re, $prompt);
-    $expect->send("set cli pager off\r\n");
+    $expect->send("set cli scripting-mode on\n");
+
+    # The PAN cli echos stuff back at us, causing us to see the prompt 3 extra times.
+    # Fortunately, the previous command disables this, so we only deal with it once.
     ($pos, $error, $match, $before, $after) = $expect->expect(10, -re, $prompt);
-    $expect->send("show arp all\r\n");
+    ($pos, $error, $match, $before, $after) = $expect->expect(10, -re, $prompt);
+    ($pos, $error, $match, $before, $after) = $expect->expect(10, -re, $prompt);
+    ($pos, $error, $match, $before, $after) = $expect->expect(10, -re, $prompt);
+
+    $expect->send("show arp all\n");
     ($pos, $error, $match, $before, $after) = $expect->expect(10, -re, $prompt);
 
     my @arpentries;
@@ -58,6 +65,16 @@ sub arpnip{
              push(@arpentries, { ip => $ip, mac => $mac });
         }
     }
+
+    $expect->send("show neighbor interface all\n");
+    ($pos, $error, $match, $before, $after) = $expect->expect(10, -re, $prompt);
+    for (split(/\r\n/, $before)){
+        next unless $_ =~ m/([0-9a-f]{0,4}:){2,7}[0-9a-f]{0,4}/;
+        my ($tmp, $ip, $mac) = split(/\s+/);
+        if ($ip =~ m/([0-9a-f]{0,4}:){2,7}[0-9a-f]{0,4}/ && $mac =~ m/([0-9a-f]{2}:){5}[0-9a-f]{2}/i) {
+             push(@arpentries, { ip => $ip, mac => $mac });
+        }
+    }
     $expect->send("exit\n");
     $expect->soft_close();